package com.example;

import java.io.BufferedReader;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Path;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.Security;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.util.Objects;
import java.util.Optional;
import javax.net.ssl.SSLContext;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.openssl.PEMParser;
import org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter;
import org.bouncycastle.openssl.jcajce.JceOpenSSLPKCS8DecryptorProviderBuilder;
import org.bouncycastle.operator.OperatorCreationException;
import org.bouncycastle.pkcs.PKCS8EncryptedPrivateKeyInfo;
import org.bouncycastle.pkcs.PKCSException;
import org.somda.sdc.dpws.crypto.CachingCryptoSettings;

/* loaded from: input_file:com/example/CustomCryptoSettings.class */
public class CustomCryptoSettings implements CachingCryptoSettings {
    private static final Logger LOG = LogManager.getLogger(CustomCryptoSettings.class);
    private static final String DEFAULT_KEYSTORE = "crypto/sdcparticipant.jks";
    private static final String DEFAULT_TRUSTSTORE = "crypto/root.jks";
    private static final String DEFAULT_KEYSTORE_PASSWORD = "whatever";
    private static final String DEFAULT_TRUSTSTORE_PASSWORD = "whatever";
    private byte[] keyStore;
    private byte[] trustStore;
    private String keyStorePassword;
    private String trustStorePassword;
    private SSLContext cachedContext;

    public CustomCryptoSettings(byte[] bArr, byte[] bArr2, String str, String str2) {
        this.keyStore = null;
        this.trustStore = null;
        this.keyStorePassword = null;
        this.trustStorePassword = null;
        this.cachedContext = null;
        this.keyStore = bArr;
        this.trustStore = bArr2;
        this.keyStorePassword = str;
        this.trustStorePassword = str2;
    }

    public CustomCryptoSettings() {
        this.keyStore = null;
        this.trustStore = null;
        this.keyStorePassword = null;
        this.trustStorePassword = null;
        this.cachedContext = null;
    }

    public static CustomCryptoSettings fromKeyStore(String str, String str2, String str3, String str4) {
        try {
            return new CustomCryptoSettings(Files.readAllBytes(Path.of(str, new String[0])), Files.readAllBytes(Path.of(str2, new String[0])), str3, str4);
        } catch (IOException e) {
            LOG.error("Specified store file could not be found", e);
            throw new RuntimeException("Specified store file could not be found", e);
        }
    }

    public static CustomCryptoSettings fromKeyFile(String str, String str2, String str3, String str4) {
        Security.addProvider(new BouncyCastleProvider());
        try {
            byte[] readAllBytes = Files.readAllBytes(Path.of(str, new String[0]));
            byte[] readAllBytes2 = Files.readAllBytes(Path.of(str2, new String[0]));
            byte[] readAllBytes3 = Files.readAllBytes(Path.of(str3, new String[0]));
            try {
                CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
                PrivateKey privateKey = getPrivateKey(readAllBytes, str4);
                Certificate generateCertificate = certificateFactory.generateCertificate(new ByteArrayInputStream(readAllBytes2));
                Certificate generateCertificate2 = certificateFactory.generateCertificate(new ByteArrayInputStream(readAllBytes3));
                try {
                    KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
                    keyStore.load(null);
                    KeyStore keyStore2 = KeyStore.getInstance(KeyStore.getDefaultType());
                    keyStore2.load(null);
                    try {
                        keyStore.setKeyEntry("key", privateKey, str4.toCharArray(), new Certificate[]{generateCertificate});
                        keyStore2.setCertificateEntry("ca", generateCertificate2);
                        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                        ByteArrayOutputStream byteArrayOutputStream2 = new ByteArrayOutputStream();
                        try {
                            keyStore.store(byteArrayOutputStream, str4.toCharArray());
                            keyStore2.store(byteArrayOutputStream2, str4.toCharArray());
                            return new CustomCryptoSettings(byteArrayOutputStream.toByteArray(), byteArrayOutputStream2.toByteArray(), str4, str4);
                        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
                            LOG.error("Error converting keystore to stream", e);
                            throw new RuntimeException("Error converting keystore to stream", e);
                        }
                    } catch (KeyStoreException e2) {
                        LOG.error("Error loading certificate into keystore instance", e2);
                        throw new RuntimeException("Error loading certificate into keystore instance", e2);
                    }
                } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e3) {
                    LOG.error("Error creating keystore instance", e3);
                    throw new RuntimeException("Error creating keystore instance", e3);
                }
            } catch (IOException | CertificateException e4) {
                LOG.error("Specified certificate file could not be loaded", e4);
                throw new RuntimeException("Specified certificate file could not be loaded", e4);
            }
        } catch (IOException e5) {
            LOG.error("Specified certificate file could not be found", e5);
            throw new RuntimeException("Specified certificate file could not be found", e5);
        }
    }

    private static PrivateKey getPrivateKey(byte[] bArr, String str) throws IOException {
        PEMParser pEMParser = new PEMParser(new BufferedReader(new InputStreamReader(new ByteArrayInputStream(bArr), StandardCharsets.UTF_8)));
        PKCS8EncryptedPrivateKeyInfo pKCS8EncryptedPrivateKeyInfo = (PKCS8EncryptedPrivateKeyInfo) pEMParser.readObject();
        pEMParser.close();
        try {
            try {
                return new JcaPEMKeyConverter().setProvider(new BouncyCastleProvider()).getPrivateKey(pKCS8EncryptedPrivateKeyInfo.decryptPrivateKeyInfo(new JceOpenSSLPKCS8DecryptorProviderBuilder().build(str.toCharArray())));
            } catch (PKCSException e) {
                throw new IOException((Throwable) e);
            }
        } catch (OperatorCreationException e2) {
            throw new IOException((Throwable) e2);
        }
    }

    public Optional<InputStream> getKeyStoreStream() {
        return this.keyStore != null ? Optional.of(new ByteArrayInputStream(this.keyStore)) : Optional.ofNullable(getClass().getClassLoader().getResourceAsStream(DEFAULT_KEYSTORE));
    }

    public String getKeyStorePassword() {
        return (String) Objects.requireNonNullElse(this.keyStorePassword, "whatever");
    }

    public Optional<InputStream> getTrustStoreStream() {
        return this.trustStore != null ? Optional.of(new ByteArrayInputStream(this.trustStore)) : Optional.ofNullable(getClass().getClassLoader().getResourceAsStream(DEFAULT_TRUSTSTORE));
    }

    public String getTrustStorePassword() {
        return (String) Objects.requireNonNullElse(this.trustStorePassword, "whatever");
    }

    public synchronized Optional<SSLContext> getSslContext() {
        return Optional.ofNullable(this.cachedContext);
    }

    public synchronized void setSslContext(SSLContext sSLContext) {
        this.cachedContext = sSLContext;
    }
}
